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DETAILED ACTION 

1. Claims 1-31 are pending 

Claim Rejections - 35 USC §112 

2. 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification sliall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claims 8, 16 and 24 rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

Claims 8, 16 and 24 claim "converting hexadecimal digit ciphertext to a decimal 
result by scanning the hexadecimal digit ciphertext" The term "scanning" can be 
interpreted as either inputting or actually scanning an image and converting into digital 
data. 

Claim Rejections - 35 USC § 103 

3. 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
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the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 

the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 

the various claims was commonly owned at the time any inventions covered therein 

were made absent any evidence to the contrary. Applicant is advised of the obligation 

under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 

not commonly owned at the time a later invention was made in order for the examiner to 

consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 

prior art under 35 U.S.C. 103(a). 



Claims 1-3, 7and 9 rejected under 35 U.S.C. 103(a) as being unpatentable over 
Coppersmith. 

Regarding Claims 1-2, 7 and 9 

Coppersmith teaches an apparatus comprising: 

a plurality of cipher blocks linked in a Cipher Block Chain (CBC) and keyed with a 
Key; (Figure 1 shows Triple-DES external feedback cipher block chaining) 

a first input block (Figure 1, X1) coupled to a first cipher block (Figure 1, Y1) in the 
CBC chain capable of receiving a text block. 
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and a second input block (Figure 1, X2) coupled to a second cipher block (Figure 1, 
Y2) in the CBC chain capable of receiving a text block and ciphertext from a cipher 
block in the CBC chain, 

a logical operator that exclusive-ORs the plaintext block derived from the secret 
PIN with an initialization vector to produce an initialized block (Figure 1, the Examiner 
interprets IV as being the initialization vector, andX1 as the plaintext block. The Examiner 
interprets the XORed result of IV and X1 as the initialized block); 

a first encryptor that encrypts the initialized block using 3-DES encryption to 
produce a first ciphertext block ; (Figure 1. The Examiner interprets the first encryptor as the 
Triple-DES encryptor between X1 and Y1) 

a logical operator that exclusive-ORs the plaintext block derived from the with 
the first ciphertext block to produce a chained block; (Figure 1. The Examiner interprets 
the first ciphertext block as Y1 and the plaintext block as X2 and the XOR in between as the 
logical operator) 

and a second encryptor that encrypts the chained block using 3-DES encryption 
to produce a second ciphertext block (Figure 1. The Examiner interprets the second 
encryptor as the Triple-DES encryptor between X2 and Y2) 

Coppersmith however does not teach that the first input block that is a text block 
contains a secret PIN. Coppersmith further does not teach that the second input block 
is derived from a non-secret entity-identifier. Coppersmith does not teach that the key 
is a Pin Verification Key. 
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It would have been obvious to one of ordinary skill in the art at the time of the 
invention to have the system of Coppersmith input a secret PIN in the first input block 
and input a non-secret identifier in the second input block and have the key be a PIN 
verification key. 

The motivation is that the system of Coppersmith without any modification can 
take the inputs of a secret PIN and the non-secret identifier and using a key output a 
Pin Verification Value. 

Regarding Claim 3, 

Coppersmith teaches the apparatus according to claim 2 wherein: the PIN 
verification apparatus operates in a reversible mode that enables recovery of the secret 
PIN from the second ciphertext block. In CBC it is inherent that the plaintext can be 
recovered by performing the reverse operations provided that the secret key is known. 

Claim 4-5 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Coppersmith in viewof Vernam (1310719). 



Regarding Claims 4 and 5, 
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Coppersmith teaches the apparatus according to claim 2. However Coppersmith 
does not explicitly teach further comprising: a logical operator that exclusive-ORs the 
first ciphertext block with the second ciphertext block to produce a third ciphertext 
block. 

Vernam teaches a cipher that takes in two inputs and XORs them together to 
produce a ciphertext. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to XOR together the first and second ciphertext block to produce a third 
ciphertext block. 

The motivation to combine is that the Vernam cipher has been a well known way 
to provide further encryption since 1919. 

It is inherent that a PIN verification apparatus operates in an irreversible mode 
when the secret key is not possessed. 

Claim 6 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Coppersmith in view of Vernam as applied to claim 5 above, and further in view of 
Brachtl. 

Regarding Claim 6, 

Coppersmith and Vernam teach the apparatus according to claim 5. 



Application/Control Number: 10/749.200 Page 7 

Art Unit: 2139 

Coppersmith and Vernam do not further teach: an escrow storage coupled to the 
second encryptor and capable of storing the second ciphertext block. 

Brachtl teaches an escrow storage coupled to a second encryptor capable of 
storing a second ciphertext block. ("The quantities AP KTR1 and KTR2 are stored at the 
issuer's data processing center enciphered under the second variant (KM2) of the issuer's 
master key and associated together and enclosed by the PAN for the user. The quantities 
PAN, PIN and KP for the user are also stored offline." Column 7, lines 49-56) 

The Examiner interprets the escrow storage as the issuer's data processing center The 
Examiner interprets the storage coupled to a second encryptor as the quantities being 
enciphered under the second variant. The Examiner further interprets that the second 
ciphertext block is capable of being stored. 



It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the teachings of Coppersmith and Vernam with an escrow storage. 

The motivation is firstly "for backup purposes" Column 7, line 55. The second 
motivation is that the reference is a patent from 1988 so therefore it has been well 
known to store data in an escrow storage in the PIN verification art. 

Claims 8 and 10 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Coppersmith in view of Matyas. 
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Coppersmith teaches the apparatus according to claim 1 . Coppersmith does not 
explicitly teach: a format converter and capable of converting hexadecimal digit 
ciphertext to a decimal result by scanning the hexadecimal digit ciphertext, selecting a 
predetermined number of numeric digits, and generating output digits as a PIN 
Verification Value (PW). 

Matyas teaches a format converter capable of converting hexadecimal digit 
ciphertext to decimal result by scanning the hexadecimal digit ciphertext, selecting a 
predetermined number of numeric digits, and generating output digits. (Figure 9 shows 
a hexadecimal ciphertext input into a decimalization table. The Examiner interprets the 
output digits as the PIN Verification Value. The Examiner further interprets that it is 
inherent that a predetermined number of digits must first be selected before converting 
from hex to decimal. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the PIN verification apparatus of Coppersmith with the format 
converter of Matyas. 

The motivation is that Figure 9 describes the IBM 3624, including the format 
converter. This PIN verification apparatus is very well known in the PIN verification art 
and has been in use since the late 1970's. Therefore one of ordinary skill in the art 
would know to add a hexadecimal to decimal format converter to a PIN verification 
apparatus. 
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Regarding Claim 10, 

Coppersmith teaches the apparatus according to claim I. Coppersmith does not 
explicitly teach inputs including: a length digit, x hexadecimal digits of the secret PIN, 
16-(x+1) hexadecimal digits of a non-secret identifier, and a pad character for the non- 
secret identifier that is repeated 16- (number of digits in the non-secret identifier) times. 

Matyas teaches a length digit ("a-pin-len is the number (1-16) indicating how many 
digits the generated PIN is assigned to the customer" Column 20, lines 53-53, x hexadecimal 
digits of the secret PIN ("CPIN is a... customer selected PIN in clear form" Column 20, lines 
41-47), a non-secret identifier and a pad character for the non-secret identifier that is 
repeated 16- (number of digits in the non-secret identifier) times ("val-data, Validation 
data is a 64-bit plain user's data, padding included. Ordinarily it will be the user's PAN" Column 
20, lines 51-53), 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the apparatus of Coppersmith with the inputs of Mayas. 

The motivation to combine is that Mayas discloses the inputs of the Generate 
IBM 3624 PIN process. This PIN verification apparatus is very well known in the PIN 
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verification art and has been in use since tlie late 1970's. Therefore one of ordinary 
sl^ill in the art would know of these Inputs. 

Coppersmith and Mayas do not explicitly teach a first formatter configured to 
construct a first incoming plaintext block from a concatenation of a length digit x 
hexadecimal digits of the secret Personal Identification Number (PIN) with 16-(x+1) 
rightmost hexadecimal digits of the non-secret entity-identifier; 

and a second formatter configured to construct a second incoming plaintext block 
from a concatenation of y hexadecimal digits of the non-secret entity-identifier with a 
pad character that is repeated 16-y times. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to construct a first plaintext block by concatenating a length digit with x 
hexadecimal digits of a PIN and 16-(x+1) hexadecimal digits of a non-secret entity 
identifier, and to construct a second plaintext block by concatenating y hexadecimal 
digits of the non-secret entity-identifier with a pad character that Is repeated 16-y times. 

The motivation to construct the first plaintext block by concatenating a length digit 
with a PIN and 16-{x+1) digits is firstly because it is a plaintext block and the user can 
choose to input the block in any suitable format. The IBM 3624 format already includes 
the length digit, the PIN as well as a pad for the PIN that is 16-x in length. It would have 
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been very obvious to one of ordinary skill to modify the IBM 3624 format to include 
these three inputs in a first format. 

The motivation to construct the second plaintext block by concatenating y 
hexadecimal digits of the non-secret entity identifier with a pad character that is 
repeated 16-y times is that the non-secret entity identifier (val-data) already comes 
padded in the IBM 3624 format. Without any modification the user could, as their 
design choice, input the val-data into the second plaintext block as described in 
Coppersmith. 

Claims 11-13, 16-21 and 24-31 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Matyas in view of Coppersmith. 

Regarding Claims 11-13,18, 20-21, 28-31 

Matyas teaches a data security apparatus comprising: 

an enrollment terminal capable of accepting a magnetic stripe card storing a non- 
secret entity-identifier and an entity-selected secret Personal Identification Number 
(PIN); (Figure 3, EFT Terminal accepts a PIN and is capable of storing non secret entity 
identifier) 
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a processor coupled to the enrollment terminal and capable of receiving the 
entity-identifier and the PIN; (It is inherent that the EFT Tenvinal has a processor capable of 
receiving the entity-identifier) 

and a memory coupled to the processor (It is inherent that the EFT Tenninal has 
memory with code embodied on it) and having a computable readable program code 
embodied therein capable of causing the processor to enroll a PIN (Figure 3, Create PIN 
block): 

a database capable of storing a plurality of PIN Verification Values (PWs) for 
enrolled magnetic stripe cards; (Figure 3, Customer Accounts Database), 

an escrow capable of storing a plurality of escrow values associated with at least 
some of the enrolled magnetic stripe cards; (Figure 3, Institution Yis capable of storing 
escrow values) 

and a processor coupled to the database and the escrow and capable of 
receiving an entity-identifier, a PIN Verification Value (PW) associated to the entity- 
identifier, and at least one escrow value associated to the entity-identifier; (Figure 3, 
HPC, or the Host Processing Center inherently has a processor that is capable or 
receiving identifiers and values) 

and a memory coupled to the processor and having a computable readable 
program code embodied therein capable of causing the processor to recover a PIN. 
(Figure 3, The HPC and Institution Y inherently have memories capable of causing the 
processor to recover a PIN as shown by the Verify PIN function) 

a plurality of terminals coupled to the servers via the network (Figure 1, EFT 
Terminals); 
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a plurality of magnetic stripe cards enrolled in the transaction system and 
capable of insertion into the on-line terminals and performing transactions via the 
servers; ("Consider the network configuration as shown in Fig 1, The entry point at which 
transaction requests are intiated, such as a point of sale (POS) tenvinal or an automated teller 
machine (ATM), is defined as an EFT terminal. " Column 2, lines 46-49). It is inherent that an 
ATM includes a plurality of magnetic stripe cards enrolled in the transaction system and 
capable of insertion into the online terminals and performing transactions via the servers. 

and a plurality of processors distributed among the servers, hosts, and/or the 
terminals, at least one of the processors being capable of executing PIN verification 
using a magnetic stripe card. (Figure 1, the Host Processing center and the terminals 
inherently have processors, of which the processors are capable of executing PIN verification) 

means for writing the PW to a transaction card for subsequent PIN verification 
(Figure 5, shows the Remote Card Issuing Station writing PIN information to a transaction card 
via the Card Writer) 

Matyas does not teach a method of linking a plurality of cipher blocks, applying 
incoming plaintext blocks to cipher blocks, keying the cipher blocks with a key, XORing 
the plaintext block with an initialization vector, encrypting the initialized block using 
tripled DES encryptiong, XORing the plaintext block with the first ciphertext block, 
encrypting the chained block using triple DES encryption, and outputting the second 
cipher block. 



Coppersmith teaches a method comprising: 
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linking a plurality of cipher blocks in a Cipher Block Chain (CBC); (Figure 1 shows 
Triple-DES external feedback cipher block chaining) 

applying an incoming plaintext block to one of the plurality of cipher blocks; 
(Figure 1 shows applying the plaintext block (X1) to a cipher block (Y1)) 

applying an incoming plaintext block derived from a non-secret entity-identifier 
and ciphertext from a cipher block in the CBC chain; (Figure 1 shows applying the 
plaintext block (X2) to a cipher block (Y2)) The Examiner interprets the X1 as the non-secret 
entity identifier and Y2 as the cipher block. 

keying the plurality of cipher blocks with a Key; and executing the cipher blocks 
resulting in generation of ciphertext (Figure 1. shows the plaintext being keyed (K1-K3) 
resulting in the generation of ciphertext. 

exclusive-ORing the plaintext block vyith an initialization vector to produce an 
initialized block; (Figure t the Examiner interprets IV as being the initialization vector, and 
X1 as the plaintext block. The Examiner interprets the XORed result of IV and X1 as the 
initialized block); 

encrypting the initialized block using triple Data Encryption Standard (3-DES) 
encryption to produce a first ciphertext block; (Figure 1 The Examiner interprets the first 
encryptor as the Triple-DES encryptor between X1 and Y1) 

exclusive-ORing the plaintext block with the first ciphertext block to produce a 
chained block; (Figure 1. The Examiner interprets the first ciphertext block as Y1 and the 
plaintext block as X2 and the XOR in between as the logical operator) 
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encrypting the cliained block using triple Data Encryption Standard (3-DES) 
encryption to produce a second ciphertext block; (Figure 1. The Examiner interprets the 
second encryptor as the Triple-DES encryptor between X2 and Y2) 

and outputting the second ciphertext block {The Examiner interprets the output of 
the second ciphertext bloci< as supplying information) 

It is inherent that with the proper key information the original cleartext can be 
recovered. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to have the processor of Matyas perform the method of Coppersmith. 

The motivation is that the method of using a CBC using triple-DES encryption is 
well known in the art. One of ordinary skill would be able to use the method of 
Coppersmith on the terminal of Matyas for the purpose of PIN encryption. 

Coppersmith however does not teach that the first input block that is a text block 
contains a secret PIN. Coppersmith further does not teach that the second input block 
is derived from a non-secret entity-identifier. Coppersmith does not teach that the key 
is a Pin Verification Key. Coppersmith does not teach that the output of the second 
ciphertext block is to be used for the purpose of PIN verification. 
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It would have been obvious to one of ordinary skill in the art at the time of the 
invention to have the system of Coppersmith input a secret PIN in the first input block 
and input a non-secret identifier in the second input block and have the key be a PIN 
verification key. 

The motivation is that the system of Coppersmith without any modification can 
take the inputs of a secret PIN and the non-secret identifier and using a key output a 
Pin Verification Value. Furthermore CBC can generate ciphertext for any field. One of 
ordinary skill in the art would be able to take the ciphertext generated from the inputs 
for the purpose of PIN verification. 

Regarding Claims 16 and 24, 

Matyas and Coppersmith teach the method according to claim 1 1 and the 
security apparatus that invokes the method in claim 20. 

Matyas teaches a format converter capable of converting hexadecimal digit 
ciphertext to decimal result by scanning the hexadecimal digit ciphertext, selecting a 
predetermined number of numeric digits, and generating output digits. (Figure 9 shows 
a hexadecimal ciphertext input into a decimalization table. The Examiner interprets the 
output digits as the PIN Verification Value. The Examiner further interprets that it is 
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inherent that a predetermined number of digits must first be selected before converting 
from hex to decimal. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the PIN verification apparatus of Coppersmith with the format 
converter of Matyas. 

The motivation is that Figure 9 describes the IBM 3624, including the format 
converter. This PIN verification apparatus is very well known in the PIN verification art 
and has been in use since the late 1970's. Therefore one of ordinary skill in the art 
would know to add a hexadecimal to decimal format converter to a PIN verification 
apparatus. 

Regarding Claims 17 and 25, 

Matyas and Coppersmith teach the method according to claim 1 1 and the 
security apparatus that invokes the method in claim 20. Matyas and Coppersmith do 
not explicitly teach supplying hexadecimal digit ciphertext generated by a final 
ciphertext block in the Cipher Block Chain (CBC) as a PIN Verification Value (PW). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to have the final ciphertext be in hexadecimal format. 

The motivation is that hexadecimal format is well known to one of ordinary skill in 
the art. 
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Regarding Claims 19 and 27, 

Matyas and Coppersmith teaches the method according to claim 1 1 and the 
security apparatus that invokes the method in claim 20. 

Matyas teaches a length digit Ca-pin-len is the number (1-16) indicating how many 
digits the generated PIN is assigned to the customer" Column 20, lines 53-53, x hexadecimal 
digits of the secret PIN f CP/A/ is a... customer selected PIN in clear form" Column 20, lines 
41-47), a non-secret identifier and a pad character for the non-secret identifier that is 
repeated 16- (number of digits in the non-secret identifier) times ("val-data, Validation 
data is a 64'bit plain user's data, padding included. Ordinarily it will be the user's PAN" Column 
20, lines 51-53), 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the apparatus of Coppersmith with the inputs of Mayas. 

The motivation to combine is that Mayas discloses the inputs of the Generate 
IBM 3624 PIN process. This PIN verification apparatus is very well known in the PIN 
verification art and has been in use since the late 1970's. Therefore one of ordinary 
skill in the art would know of these inputs. 
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Coppersmith and Matyas do not explicitly teach a first formatter configured to 
construct a first incoming plaintext block from a concatenation of a length digit x 
hexadecimal digits of the secret Personal Identification Number (PIN) with 16-(x+1) 
rightmost hexadecimal digits of the non-secret entity-identifier; 

and a second formatter configured to construct a second incoming plaintext block 
from a concatenation of y hexadecimal digits of the non-secret entity-identifier with a 
pad character that is repeated 16-y times. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to construct a first plaintext block by concatenating a length digit with x 
hexadecimal digits of a PIN and 16-(x+1) hexadecimal digits of a non-secret entity 
identifier, and to construct a second plaintext block by concatenafing y hexadecimal 
digits of the non-secret entity-identifier with a pad character that is repeated 16-y times. 

The motivation to construct the first plaintext block by concatenating a length digit 
with a PIN and 16-(x+1) digits is firstly because it is a plaintext block and the user can 
choose to input the block in any suitable format. The IBM 3624 format already includes 
the length digit, the PIN as well as a pad for the PIN that is 16-x in length. It would have 
been very obvious to one of ordinary skill to modify the IBM 3624 format to include 
these three inputs in a first format. 

The motivation to construct the second plaintext block by concatenating y 
hexadecimal digits of the non-secret entity identifier with a pad character that is 
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repeated 16-y times is that the non-secret entity identifier (val-data) already comes 
padded in the IBM 3624 format. Without any modification the user could, as their 
design choice, input the val-data into the second plaintext block as described in 
Coppersmith. 

Claims 14 and 22 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Matyas in view of Coppersmith as applied to claims 1 1 and 20 above, and further 
in view of Vernam. 



Regarding Claims 14 and 22, 

Matyas and Coppersmith teach the method according to claim 11 and the 
security apparatus that invokes the method in claim 20 wherein the PIN verification 
method is capable of operating in an irreversible mode that obstructs recovery of the 
secret PIN, the method comprising: 

exclusive-ORing the plaintext block with an initialization vector to produce an 
initialized block; (Figure 1 of Coppersmith, the Examiner interprets IV as being the 
initialization vector, and X1 as the plaintext block. The Examiner interprets the XORed result of 
IV and X1 as the initialized block); 

encrypting the initialized block using triple Data Encryption Standard (3-DES) 
encryption to produce a first ciphertext block; (Figure 1 of Coppersmith. The Examiner 
interprets the first encryptor as the Triple-DES encryptor between X1 and Y1) 
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exclusive-ORing the plaintext block with the first ciphertext block to produce a 
chained block; (Figure 1 of Coppersmith. The Examiner interprets the first ciphertext block 
as Y1 and the plaintext block as X2 and the XOR in between as the logical operator) 

encrypting the chained block using triple Data Encryption Standard (3-DES) 
encryption to produce a second ciphertext block; (Figure 1 of Coppersmith. The Examiner 
interprets the second encryptor as the Triple-DES encryptor between X2 and Y2) 

and outputting the second ciphertext block {The Examiner interprets the output of 
the second ciphertext block as supplying information) 

Coppersmith does not exclusively teach exclusive-ORing the first ciphertext block 
with the second ciphertext block to produce a third ciphertext block; 

Vernam teaches a cipher that takes in two inputs and XORs them together to 
produce a ciphertext. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to XOR together the first and second ciphertext block to produce a third 
ciphertext block. 

The motivation to combine is that the Vernam cipher has been a well known way 
to provide further encryption since 1919. 

It is inherent that a PIN verification apparatus operates in an irreversible mode 
when the secret key is not possessed. 
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Claims 15 and 23 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Matyas in view of Coppersmith further in view of Vernam as applied to claims 14 
and 22 above, and further in view of Brachtl. 

Regarding Claims 15 and 23, 

Matyas, Coppersmith and Vernam teach the method and the security apparatus 
according to claim 14. The cited references do not further teach: storing the second 
ciphertext block in at least one escrow to facilitate recovery of the secret PIN. 

Brachtl teaches an escrow storage coupled to a second encryptor capable of 
storing a second ciphertext block. ("The quantities AP KTR1 and KTR2 are stored at the 
issuer's data processing center enciphered under the second variant (KM2) of the issuer's 
master l<ey and associated together and enclosed by the PAN for the user The quantities 
PAN, PIN and KP for the user are also stored offline. " Column 7, lines 49-56) 

The Examiner interprets the escrow storage as the issuer's data processing center The 
Examiner interprets the storage coupled to a second encryptor as the quantities being 
enciphered under the second variant The Examiner further interprets that the second 
ciphertext block is capable of being stored. 



It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the teachings of Coppersmith and Vernam with an escrow storage. 



Application/Control Number: 10/749,200 Page 23 

Art Unit: 2139 

The motivation is firstly "for bacl^up purposes" Column 7, line 55. The second 
motivation is that the reference is a patent from 1988 so therefore it has been well 
known to store data in an escrow storage in the PIN verification art. 

Conclusion 

4. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Harris C. Wang whose telephone number is 
5712701462. The examiner can normally be reached on M-F 8-5:30, Alternate Fridays 
Off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, AYAZ R. SHEIKH can be reached on (571)272-3795. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more Information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



HCW 




